| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
GH #363
|
|
|
|
|
|
|
| |
Having the code diffused all over the place was ugly and would
not scale well to multiple alternative providers.
GH #368
|
|
|
|
| |
See GH #340 and 6b9a3a5 for background
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The command line tools' origin as a collection of examples and test
programs glued together led to some unfortunate problems; lots of
hardcoded values, missing parameters, and obsolete crypto.
Adds a small library for writing command line programs of the sort
needed here (cli.h), which cuts the length of many of the commands in
half and makes commands more pleasant to write and extend.
Generalizes a lot of the commands also, eg previously only
signing/verification with DSA/SHA-1 was included!
Removes the fuzzer entry point since that's fairly useless outside of
an instrumented build.
Removes the in-library API for benchmarking.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
As the alternatives are unfortunate for applications trying to catch
all library errors, and it seems deriving from std::runtime_error
causes problems with MSVC DLLs (GH #340)
Effectively reverts 2837e915d82e43
|
| |
|
|
|
|
|
|
|
|
| |
Provide abstractions for the locking allocator (allocate and free
locked pages) to decouple it from the platform dependent code. Should
make it easy to write a Windows version using VirtualAlloc+VirtualLock.
Exposes max mlock limit as a build.h toggle
|
|
|
|
| |
Checked with ctgrind
|
|\
| |
| | |
Algo_Registry: Use CRITICAL_SECTION on Windows to prevent hang during initialization
|
| | |
|
| |
| |
| |
| | |
Preprocessing sections are now split in two.
|
| |\
| | |
| | |
| | | |
fix_algo_registry_locking_windows
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
DllMain when initialising global constants.
|
| | | |
|
| | |
| | |
| | |
| | | |
Because convenient
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Take the value from build.h if we have no way of getting it dynamically.
Fixes an infinite loop in AES on non-x86 introduced in ebf2164a,
as otherwise it does for(size_t i = 0; i != ...; i += 0) {}
while iterating over the TE tables.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Specifically a named one for integer factorization (despite using same
formula as DL calc) which incorporates the k value from RFC 3766. Also
adds dl_exponent_size which returns the exponent size, this one ignores
k thus using a ~10 bit larger exponent than strictly necessary.
Adding in k downgrades 1024 bit RSA to exactly 80 bits, which is probably
about right.
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
Change getrusage output to static system data since it is sparse and
changes rarely, and so actually does trigger the differential test.
|
| | |
| | |
| | |
| | | |
Defaults should be fine for everyone but it makes the values more transparent
|
|\ \ \
| | | |
| | | | |
Fixed crash in compression filter when transform argument is null.
|
| | | | |
|
| |/ / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Provides an easier way for an application to configure a list of
entropy sources they'd like to use, or add a custom entropy source to
their seeding.
Exposes some toggles for the global/default entropy sources to build.h
Adds basic entropy tests which runs the polls and does sanity checking
on the results, including compression tests if available. These are
less useful for the CSPRNG outputs but a good check for the ones
producing plain ASCII like the /proc reader.
|
| |/
|/|
| |
| | |
Also fix a few cast and zero-as-nullptr warnings in the AltiVec header
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The only reason mul128.h was included in mp_types.h was for the
definition of dword. But dword is only needed by the generic version
of mp_madd, which is an internal header. So move both the inclusion
of the header and the dword definition to there.
Previously mul128.h was very public (mp_types.h to bigint.h to rsa.h,
for example) and use of __int128 causes problems in pedantic mode. So
additionally, prefer using the TI attribute version since GCC does not
complain about that. Clang's -Wpedantic does not seem to care about it
either way.
GH #330
|
| |
| |
| |
| |
| |
| | |
Re-encoding the server key exchange meant that any leading zeros
in the values for DHE (or SRP) would be stripped out. This would
cause the signature check to fail.
|
| |
| |
| |
| | |
DB::spin now returns the number of rows affected
|
| | |
|
| |
| |
| |
| | |
since the primality tests are expensive in CPU time.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug which rejected any short server key exchanges. These can
occur with a plain PSK with short or empty identity hints.
Disable SHA-224 by default.
Remove some vestigal RC4 cruft.
Push more on the TLS corruption tests.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The tests previously had used 4 to 6 different schemes internally (the vec file
reader framework, Catch, the old InSiTo Boost.Test tests, the PK/BigInt tests
which escaped the rewrite in 1.11.7, plus a number of one-offs). Converge on a
design that works everywhere, and update all the things.
Fix also a few bugs found by the test changes: SHA-512-256 name incorrect,
OpenSSL RC4 name incorrect, signature of FFI function botan_pubkey_destroy
was wrong.
|
|/ |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The tests which generate McEliece keys using a deterministic RNG and
fixed seed failed on PowerPC (or other big endian systems) because the
vectors assumed we were creating elements little endian, which is
what happend with rng.randomize(&u16, 2) on x86
Fix it to always be little endian. No particular reason to prefer one vs the
other here (we're just trying for compatability with ourselves) and choosing
little endian avoids having to regen the vectors.
|
| |
|
|\
| |
| | |
TLS improvements
|
| | |
|
| |
| |
| |
| | |
Convert to a const time algo
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use constant time operations when checking CBC padding in TLS decryption
Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes
from working: on decode the session id and hello cookie would be
swapped, causing confusion between client and server.
Various changes in the service of finding the above DTLS bug that
should have been done before now anyway - better control of handshake
timeouts (via TLS::Policy), better reporting of handshake state in the
case of an error, and finally expose the facility for per-message
application callbacks.
|
| | |
|
|\ \
| | |
| | | |
Fix cert validation bugs found by x509test.
|